Kategorier: Alle - security - risks - recovery - milestones

af Camila Elena Cahua Tumay 3 år siden

75

Plan for business continuity

Effective management involves several key areas including planning and communication. Identifying and collaborating with critical suppliers and staff is essential to ensure smooth operations.

Plan for business continuity

Where to next?

Where to next?

Download this mind map to keep track of your business continuity planning project.

Organization Name

Type in your organization's name

Milestones

Milestone

Add a milestone for your business continuity planning project, and set dates.

Think about:

Training and testing

Trainee

Who needs to be trained in your emergency procedures?

Consider:

What action will you take to train 'Trainee'?

Consider:

Communication

Audience

Add a communication audience

Who will you need to communicate parts of your plan to? Who needs to take action, stay informed or be reassured?

Consider:

Action

What action will you take to communicate with 'Audience'? What will they need to know?

Think about:

Locations

Location

Add a location where you have people, assets, and operations that will be covered by your plan.

Critical suppliers

Supplier

Add a critical supplier for your organization

Where would failure in the supply chain cause significant problems?

These suppliers should be referenced in the risks section, and you should have a recovery strategy to cope with problems with your suppliers.

Core services

Service

Add a core service or function

Core services are the ones that are critical to the survival of your organization - the ones without which you would not have customers or business.

These services or functions should be the first to be recovered in the event of a disaster.

Critical staff

Add a critical staff member

Critical staff members are the ones on whom you will depend when a major incident occurs.

You will need to ensure that your critical staff members are trained and can be easily contacted.

Make sure that a copy of the contact list is kept off-site.

Planning team

Team member

Add a team member

Ensure that you have representation for:

Risks and responses

Other risks

Are there any other risks not covered above?

What is the impact of "Other risks" on your business? What level of resources is appropriate for dealing with it and recovering from it?

Rate the impact by clicking an icon:

Major- poses a critical risk to business

Survivable - causes problems that can be fixed

Minor - no recovery action needed

Incident detection and notification

Add recovery procedures

If the impact from "Other risks" is not minor:

Add prevention measures

Public relations
PR risk

Add a PR risk that may affect your business

Also think about things that your customers will notice, even if they are not widely publicized:

What is the impact of "PR risk" on your business? What level of resources is appropriate for dealing with it and recovering from it?

Rate the impact by clicking an icon:

Major- poses a critical risk to business

Survivable - causes problems that can be fixed

Minor - no recovery action needed

Add prevention measures

Add recovery procedures

If the impact from "PR risk" is not minor:

Incident detection and notification

Legal & financial
Legal / financial risk

Add a legal or financial risk that may affect your business.

Think about:

Incident detection and notification

Add prevention measures

What is the impact of "Legal / financial risk" on your business? What level of resources is appropriate for dealing with it and recovering from it?

Rate the impact by clicking an icon:

Major- poses a critical risk to business

Survivable - causes problems that can be fixed

Minor - no recovery action needed

Add recovery procedures

If the impact from "Legal / financial risk" is not minor:

Operations
Operations risk

Add a operations' risk that may affect your business.

Think about:

Add prevention measures

What is the impact of "Operations risk" on your business? What level of resources is appropriate for dealing with it and recovering from it?

Rate the impact by clicking an icon:

Major- poses a critical risk to business

Survivable - causes problems that can be fixed

Minor - no recovery action needed

Add recovery procedures

If the impact from "Operations risk" is not minor:

Incident detection and notification

Information security
IT risk

Add a IT risk that may affect your business.

Think about:

What is the impact of "IT risk" on your business? What level of resources is appropriate for dealing with it and recovering from it?

Rate the impact by clicking an icon:

Major- poses a critical risk to business

Survivable - causes problems that can be fixed

Minor - no recovery action needed

Incident detection and notification

Add prevention measures

Add recovery procedures

If the impact from "IT risk" is not minor:

Physical security
Physical risk

Add a physical risk that may affect your business.

Think about:

Add recovery procedures

If the impact from "Physical risk" is not minor:

What is the impact of "Physical risk" on your business? What level of resources is appropriate for dealing with it and recovering from it?

Rate the impact by clicking an icon:

Major- poses a critical risk to business

Survivable - causes problems that can be fixed

Minor - no recovery action needed

How quickly will "Impact" happen?

How quickly will this impact materialize? Faster responses are needed for fast-acting impacts.

Estimate a timeframe by clicking an icon below.

Short term - hours or days

Medium term - days to weeks

Longer term - weeks to months

Add prevention measures

Incident detection and notification

Staff
Staff risk

Add a business risk that may originate from your staff.

Think about:

Prevention

Add prevention measures

Recovery

Procedure

Add recovery procedures

If the impact from "Staff risk" is not minor:

Detection

Incident detection and notification

Impact

What is the impact of "Staff risk" on your business? What level of resources is appropriate for dealing with it and recovering from it?

Rate the impact by clicking an icon:

Major- poses a critical risk to business

Survivable - causes problems that can be fixed

Minor - no recovery action needed

Timeframe

How quickly will 'Impact' happen?

How quickly will this impact materialize? Faster responses are needed for fast-acting impacts.

Estimate a timeframe by clicking an icon below.

Short term - hours or days

Medium term - days to weeks

Longer term - weeks to months